Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Apple’s New Encryption to Lock Out Government

WASHINGTON – Apple is rolling out new privacy protections for iPhones and iPads, with a new system that makes it impossible for the company to unlock a device even with a warrant.

Apple’s privacy terms updated late Wednesday indicate that under its new mobile operating system, iOS 8, the company will not have access to customer passwords.

WASHINGTON – Apple is rolling out new privacy protections for iPhones and iPads, with a new system that makes it impossible for the company to unlock a device even with a warrant.

Apple’s privacy terms updated late Wednesday indicate that under its new mobile operating system, iOS 8, the company will not have access to customer passwords.

“Your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes, and reminders, is placed under the protection of your passcode,” says the new policy on Apple’s website.

“Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data. So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”

The iOS 8 operating system is available on the iPhone 6, which goes on sale Friday, and can be installed on many existing iPhones and iPads.

The update comes in the wake of revelations of massive government surveillance programs that sweep up data from computers and other devices.

Leaked documents from former National Security Agency contractor Edward Snowden have highlighted concerns about the role of major tech firms in these programs.

Apple’s chief executive Tim Cook said the company is dedicated to protection of personal data.

Advertisement. Scroll to continue reading.

“Our business model is very straightforward,” he said in a message to Apple users.

“We sell great products. We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t ‘monetize’ the information you store on your iPhone or in iCloud. And we don’t read your email or your messages to get information to market to you.”

The move comes with Apple and other tech firms under scrutiny for how much information is handed over to law enforcement and intelligence agencies.

Apple said it does comply with legitimate court orders and other legal requests.

But Cook stated, “We have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.”

The privacy update comes following a leak of nude celebrity photos from their iCloud storage. Apple said its cloud servers were not breached, but that celebrities had their passwords stolen or fell victim to schemes to give up their passwords.

‘Awesome for Privacy

Privacy activists praised the effort and said it may encourage others to follow Apple’s lead.

“This is very awesome for privacy,” said Joseph Hall, chief technologist at the Washington-based Center for Democracy and Technology.

“This is an important assurance for people. It’s not security just some of the time, it’s security all of the time.”

Hall added that the move is “good for the industry, because there is a real deficit of trust” after the incident affecting celebrity photos.

“I think with this, you will see other companies compete on privacy and security,” Hall told AFP.

Hall said that on Google Android devices, the pattern-unlock code provides little security but that an optional personal code is encrypted and offers similar protection to that offered by Apple.

“But it’s not the default for Android, and the default is important because most people don’t change that,” he said.

Marc Rotenberg, president of the Electronic Privacy Information Center, said it was “good news for Internet users and iPhone users that their screen lock cannot be compromised.”

But Rotenberg said other privacy issues still need to be addressed, notably how Apple handles personal data for its HealthKit system for fitness monitoring.

“The issue is the flow of user data to the app developers,” Rotenberg told AFP. “Apple has created a platform that can allow for the transfer of sensitive medical data.”

Jeffrey Chester at the Center for Digital Democracy also expressed caution.

Chester said Apple “did the right thing” with its new encryption but that its partnerships with banks, retailers and others are cause for concern.

“These companies know that Apple will help them gather even more data from us, including our financial information and location,” Chester said.

“Apple at the moment is serving as a data collection ‘middleman,’ as it builds a new business as a financial and health data supplier.”

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Cybercrime

Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...